Avoiding the Creation of a 21st Century “Stasi” in France

France has powerful intelligence agencies and highly sophisticated capabilities. However, similar to all Western agencies they do not possess the requisite legal powers, manpower or resources to conduct highly intrusive and persistent surveillance of thousands of individuals, many of whom will have never been charged with a crime.

Even if they did, the public attitude to and willingness to support blanket surveillance of large segments of the population, plays to the fears of many who see in that action echoes of George Orwell’s dystopian concept of “thought crime” surveillance.

The challenge is to identify which networks of individuals deserve further attention. In light of recent events, the upswell of public outrage at the Hebdo attacks, the mass migration to Southern Europe of refugees fleeing the conflicts in the Middle East, North Africa and Sub Saharan Africa as well as Eritrea, Somalia and Yemen and a general perception in France that French society is under attack from within, would it be possible to speculate that the French are unwittingly considering the creation of the own Stasi? Albeit in a more benign guise and with best intentions.

The Ministerium für Staatssicherheit (MfS) or The Ministry for State Security commonly known as the Stasi was the official state security service of the German Democratic Republic (GDR), colloquially known as East Germany. The service was headquartered in East Berlin and has been described as one of the most effective and repressive intelligence and secret police agencies to have ever existed.

One of its main tasks was spying on the population, mainly through a vast network of citizens turned informants, and fighting any opposition by overt and covert measures, including hidden psychological destruction of dissidents. Without the aid of modern technology the Stasi in East Germany ran a network of over 2,000,000 informants and ostensibly had an entire nation under active surveillance and effectively so.

The Buttes-Chaumont Network & the Charlie Hebdo Watershed

The protagonists of the Charlie Hebdo attacks were known not just to the French authorities but to other European authorities and their counterparts in the United States. It is well known and has been widely reported that one had travelled to Yemen over a three-year period and another had been convicted of earlier seeking to travel to Iraq and that they were both associated with long-established European jihadist networks.

Cherif was part of the “Buttes-Chaumont network” that assisted would-be jihadists fight for al-Qaeda in Iraq after the invasion in 2003. He was detained in 2005 just as he was about to board a plane for Syria which at that time was a gateway for jihadists looking to fight US troops in Iraq. The Kouachi brothers had allegedly attended a mosque near Buttes-Chaumont, an area of northern Paris, where they came under the influence of a radical imam called Farid Benyettou.

Following Cherif’s imprisonment between January 2005 and October 2006, he first came into contact with the man who would become his mentor – Djamel Beghal. Beghal was sentenced to 10 years in prison in France in 2001 for his part in a plot to bomb the US embassy in Paris. In 2008, Cherif was again jailed for three years for his role in sending militants to Iraq, 18 months of the sentence was suspended.

AQII Flag

Another key figure in the Buttes-Chaumont network was Boubaker al-Hakim, a militant linked to al-Qaeda in Iraq. al-Hakim also recruited militants to fight in Falluja, an Iraqi city that became an al-Qaeda stronghold in 2004. al-Hakim is also wanted in Tunisia over the murder of two Tunisian left-wing opposition politicians in 2013 – he claimed the murders in the name of the Islamic State militant group. A French court jailed al-Hakim for seven years in 2008.

That action appeared to break up the jihadist network that Beghal, al-Hakim and Cherif Kouachi had created.

In 2010 Cherif Kouachi was named in connection with a plot to assist in the escape of another Islamist, Smain Ait Ali Belkacem, from jail.

A plot hatched by Beghal, according to French anti-terror police.

Belkacem used to be in the outlawed Algerian Islamic Armed Group (GIA) and was jailed for life in 2002 for a Paris metro station bombing in 1995 which injured 30 people.

Original GIA Flag

AQAP Flag

The older Kouachi undertook military training in Yemen in 2011, where he met the influential preacher Anwar al-Awlaki.

Awlaki was a senior figure in al-Qaeda in the Arabian Peninsula (AQAP). The branch of al-Qaeda that has proven most effective at placing bombs on Western-bound aircraft, and which claimed responsibility for the Hebdo attacks.

It is important to remember, however, that thousands of people would have been connected to these very same networks, some of which are well over a decade old. On top of this, more than 1,200 French nationals – a large proportion of whom would be previously unknown – have travelled to Iraq and Syria to fight with Islamic State in the last few years. About 350 have returned according to unofficial figures.

The “Five Eyes”

The French authorities and their foreign counterparts, especially those in Yemen and the US, shared intelligence that might, taken together, have thrown up insight that the individual portions could not. One report suggests that France de-prioritized the Kouachi brothers because Yemen was a US priority, whereas American officials left it to the French.

France is not a member of the US-led Five Eyes intelligence alliance – a fact which may have contributed to the threat detection failure that led to the recent attacks.

The “Five Eyes”, often abbreviated as “FVEY”, refer to an intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. These countries are bound by the multilateral UKUSA Agreement, a treaty for joint cooperation in signals intelligence.

Click image to enlarge

The origins of the FVEY can be traced back to World War II, when the Atlantic Charter was issued by the Allies to lay out their goals for a post-war world. During the course of the Cold War, the ECHELON surveillance system was initially developed by the FVEY to monitor the communications of the former Soviet Union and the Eastern Bloc, although it allegedly was later used to monitor billions of private communications worldwide.

In the late 1990s, the existence of ECHELON was disclosed to the public, triggering a major debate in the European Parliament and, to a lesser extent, the United States Congress. As part of efforts in the ongoing War on Terror since 2001, the FVEY further expanded their surveillance capabilities, with much emphasis placed on monitoring the World Wide Web.

The former NSA contractor Edward Snowden described the Five Eyes as a “supra-national intelligence organisation that doesn’t answer to the known laws of its own countries”. Documents leaked by Snowden in 2013 revealed that the FVEY have been spying on one another’s citizens and sharing the collected information with each other in order to circumvent restrictive domestic regulations on surveillance of citizens.

In 2013, documents leaked by the former NSA contractor Edward Snowden revealed the existence of numerous surveillance programs jointly operated by the Five Eyes. The following list includes several notable examples reported in the media:

PRISM – Operated by the NSA together with the GCHQ and the ASD

XKeyscore – Operated by the NSA with contributions from the ASD and the GCSB

Tempora – Operated by the GCHQ with contributions from the NSA

MUSCULAR – Operated by the GCHQ and the NSA

STATEROOM – Operated by the ASD, CIA, CSEC, GCHQ, and NSA

Despite the impact of Snowden’s disclosures, some experts in the intelligence community believe that no amount of global concern or outrage will affect the Five Eyes relationship, which to this day remains the most extensive known espionage alliance in history.

The Emergence of “Boutique” Terrorism

Recently extremists groups based in conflict hotspots have called on sympathisers in Western countries to take the initiative and plan and execute terrorist actions locally with little or no external assistance.

Simplistically many people tend to seek to place terrorist attacks into one of two categories: low-tech, independent operations by individuals (“lone wolf”) or small groups (“wolf packs”), or complex and large scale operations resourced and commanded by organizations.

The last six months has seen a profusion of low-level attacks across Europe and North America, giving the impression that even slightly larger attacks – involving higher-calibre weaponry or better preparation – must represent formal plots by established terrorist groups.

In the Hebdo case, the attackers themselves claimed to have been sent by AQAP, which itself claimed to have “directed” the plot. But we should treat this claim sceptically. As the Australian counterterrorism analyst Leah Farrall reminds us, the al-Qaeda operatives who attacked US embassies in 1998 were given only general instructions to strike Americans.

Al-Qaeda’s leadership learned of the targets while the attack was under way. This is closer to inspiration or encouragement than direction or command. This was the model in the Paris attacks, particularly as AQAP’s past plots have been built around advanced bombs rather than the use of gunmen. Amidst the rise of IS, al-Qaeda – and especially its Yemeni branch – remains a potent threat for this type of action.

However, the Paris attacks are not a new kind of terrorism. The use of gunmen, the seizure of hostages, the focus on screen-time rather than death toll, and the role played by complex networks of individuals cutting across different countries and groups have been features of attacks over the past 50 years. The new challenge isn’t the prioritisation of threats, but the growing mismatch between the number of potential threats and limited resources.

“Cell” Structures & Suicidal Tendencies

Many of the recent plots appear to have been developed without foreign direction which minimises the possibility of eavesdropping. The concept of the “terrorist cell” developed in the 1970s to counter the prevailing intelligence gathering techniques at that time were difficult, if not bordering on the impossible, to detect.

For example in the 1970’s the IRA overhauled its internal structures, greatly reducing the numbers of volunteers who engaged in attacks and organising them into closed cells, or “active service units”, so that the information any one IRA man would have about the organisation would be limited to five or six people.

This process reduced the numbers of active IRA personnel greatly. At its peak in the early 1970s, the Belfast Brigade had had up to 1,500 members. By the early 1980s, this had been reduced to about 100 men in active service units and another 200-300 in supporting roles.

The cell structure also increased the control of the Brigade’s leadership over its volunteers, since all weapons were held by one “quartermaster” attached to each unit and could only be used for operations authorised by the Brigade leadership.

The objective was to preserve high value operatives and their skills for continued and ongoing use against their targets.

With the emergence of the extremist jihadi threat in Europe in recent years and the seemingly vast pool of resources from which these groups can draw from – the “cell” structure is used to avoid detection pre-event but not so much concerned with the preservation of the “cell”, “lone wolf” or “wolf packs” post event.

Manpower has ceased to be an issue.

Where plots use more easily available resources, such as firearms rather than sophisticated explosives, then the challenges faced in implementing a robust prevention strategy are exponentially greater.

The reasons for the decision by the French intelligence services to lift their surveillance of Said Kouachi after his return from Yemen is not clearly known. Likely it was based on balancing the perceived threat from Kouachi versus other competing threats and was also informed by what initial surveillance of him had yielded post his return to France.

It is a matter of the size of the competing needles in a very large haystack rather than an example of an intelligence failure or a systemic problem with the tactics being employed by the French authorities.

Information Myopia

Intelligence agencies globally suffer from a modern problem best defined as “information myopia”*. There is simply too much data available from too many sources much of which is of questionable value but all of which ends up in the same “cube” available for analysis. Extending the remit and sources that are under the surveillance lens will only exacerbate this problem and will not necessarily lead to improved security outcomes.

If the “cube” of data to be analysed is vast then the sieving process that is employed is the key to the success of the analysis. This sieving process though is currently largely based on keywords or watchwords and prone to error. Unless a would be attacked is incredibly naïve then most of this processes effectiveness is rendered useless.

Pattern analysis too has its pitfalls – simply because someone is a frequent visitor to sites that would seem to indicate extremism does not make them an extremist. What about researchers, journalists, the genuinely curious?

There is reason to think that the French failed to get some information they ought to have had. The Kouachi brothers had succeeded in building up a cache of arms in their apartment. Neighbours discovered that cache, but they were then intimidated into silence.

This, however, might represent more a failure of local policing – and poor relations between the local Muslim community and the authorities – than national intelligence. Nevertheless, assault rifles and rocket launchers are not easily available in Western Europe, and the French authorities could reasonably be expected to have had a tighter grip on the supply networks.

* The terms “myopia” and “myopic” (or the common terms “short-sightedness” or “short-sighted”, respectively) have been used metaphorically to refer to cognitive thinking and decision making that is narrow in scope or lacking in foresight or in concern for wider interests or for longer-term consequences. It is often used to describe a decision that may be beneficial in the present, but detrimental in the future, or a viewpoint that fails to consider anything outside a very narrow and limited range. Hyperopia, the biological opposite of myopia, may also be used metaphorically for a value system or motivation that exhibits “farsighted” or possibly visionary thinking and behavior; that is, emphasizing long-term interests at the apparent expense of near-term benefit.

What is the French word for PRISM?

Last December (2014) the French government published a decree enacting an internet surveillance law that was passed a year before. The measure allowed authorities ‘administrative access to connection data,’ and came into force on the 1st January 2015. The decree, providing French officials with access to data from a wide range of telecom services in the country – including phone calls, text messages and internet access by both private users and operators – was published over the Christmas holidays, France’s Le Point reported.

The legislation was passed in December last year, and was a surprise to many as less than two months before it was approved, the country’s president François Hollande – during a phone conversation with Barack Obama – expressed his “deep disapproval” at revelations that the NSA had been intercepting millions of phone calls in France, having described it as an “unacceptable practice.”

Notwithstanding that comment from 1st January 2015, the French government itself is in control of its residents’ connection data, with an “interdepartmental group” being in charge of security interceptions and administrative access, gathering requests for certain data and obtaining it from operators. Departments, authorized to issue data requests, include several branches within the Interior Ministry, the Ministry of Defense and a directorate at the Ministry of Finance.

Laws, empowering state officials to monitor the population by means of communication and information access, have been passed under the flag of protection from the terrorist threat. Powers, granted to the government by the new surveillance law, have been met with protests in France. Before it was eventually enacted, authorities set up an oversight body – National Control Commission for Security Interceptions (CNCIS), which will supervise governmental data control powers. Although it is allowed to oversee documents and information asked to be disclosed to the authorities, it has no power to sanction anyone, or alert any third party of an alleged abuse.

“THIS IS NOT A FRENCH PATRIOT ACT” – Prime Minister Manuel Valls

From the 13th April 2015 French lawmakers spent four days debating a controversial anti-terrorism bill that, if passed, would dramatically expand the government’s surveillance powers.

The law’s backers describe it as a necessary measure to thwart terrorist attacks, and it has strong support on both sides of the aisle. But the bill has drawn sharp criticism from French internet companies over fears that it could harm business, and from privacy advocates who say it would severely curtail civil liberties.

The proposed law would allow the government to monitor emails and phone calls of suspected terrorists and their contacts, without seeking authorization from a judge. Telecommunications and internet companies would be forced to automatically filter vast amounts of metadata to flag suspicious patterns, and would have to make that data freely available to intelligence services. Agents would also be able to plant cameras and bugs in the homes of suspected terrorists, as well as key-loggers to track their online behavior.

Privacy International, Amnesty International, and other human rights organizations expressed alarm over the bill when it was announced last month, urging Parliament to give it careful scrutiny. It’s also been criticized by the National Digital Council, which advises France’s government on technological issues, and by several French web hosting companies, which say the threat of constant government intrusion would undermine their business.

Of particular concern is the provision requiring telecoms to automatically filter internet traffic. Under the law, internet service providers would have to install monitoring mechanisms — referred to by the French media as “black boxes” — that would use algorithms to detect, in real time, suspicious behaviors in internet metadata.

The bill’s supporters stress that this metadata would remain anonymous and that content of communications would not be automatically swept up, but the behaviors that would constitute a “terrorist-like” pattern are still unclear. Critics say the measure effectively amounts to mass surveillance of web traffic on a disproportionately large scale.

Under the bill, recordings could be stored for up to one month, and metadata for up to five years. France’s current data protection laws date back to 1978, and are among the strongest in Europe. “It’s a comprehensive data protection framework that applies to both the public sector and all industries,” Fabrice Naftalski, a data privacy attorney and partner at the legal firm EY in Paris, says of current French law. “Protection of personal data is a fundamental right.”

But the country’s counter-terrorism laws haven’t been revised since 1991, which was the original impetus behind drafting this bill last summer. The legislation took on a new sense of urgency following January’s attacks, when Valls moved to fast-track it for passage by this summer. (A vote is expected early next month.)

It seems 2,000,000 East German HUMINT Stasi assets have been supplanted by 66,000,000 French SIGINT black boxes. Thats progress – at least technologically.

References & Acknowledgements

Perspectives on Terrorism The Modus Operandi of Jihadi Terrorists in Europe by Petter Nesser and Anne Stenersen terrorismanalysts.com/pt/index.php/pot/article/view/388/html

The XX Committee: Intelligence, Strategy, and Security in a Dangerous World – www.20committee.com